administrative department or industry group, thereby making possible high 
quality and efficient design. 

WE CLAIM 

1. A security specification creation support device that supports 
creation of a security specification in respect of an information network 
system, comprising: 

a security specification example database in which existing security 
specifications are registered as examples; 

a definition information acceptance unit that accepts the definition 
information of respective components constituting the information network 
system from a user; 

a security specification selection unit that looks up reusable 
examples from the security specification example database based on 
definition information of the component accepted by the definition 
information acceptance unit in respect of the respective components; and 

a security specification draft creation unit that creates a composite 
security specification draft in respect of an information network system 
by entering the details of respective examples found by the security 
specification selection unit in a prescribed form of security 
specification and accepts revisions of the draft from the user. 

2. The security specification creation support device according to claim 
1 wherein the security specification selection unit, when at least one 
reusable example is detected from the security specification example 
database in respect of the respective components , allows a user to select 
an example for re-use from the detected examples and uses this selected 
example as a security specification draft for the component and accepts 
from the user revisions of this draft, and when no reusable example is 
detected from the security specification example database, creates 
security specification drafts of the respective components by accepting 
from the user a security specification draft of the components; and 

the security specification draft creation unit creates the composite 
security specification draft by entering the details of the security 
specification drafts of the respective components in the prescribed form 
of security specification. 
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3. 

The security specification creation support device according to claim 
2 wherein the security specification draft creation unit creates the 
composite security specification draft such that the portions where 
details of the security specification drafts of the respective components 
can be identified. 

4. 

The security specification creation support device according to claim 
1 wherein the definition information acceptance unit accepts from the user 
definition information of respective domains obtained by dividing the 
information network system into operational environment units, definition 
information of respective subsystems obtained by dividing these domains 
into device units in respect of the respective domains, and definition 
information of the respective components obtained by dividing these 
subsystems into minimum units for security analysis in respect of the 
respective subsystems. 

5. The security specification creation support device according to claim 

4 wherein the security specification draft creation unit creates a 
composite security specification draft of the domain or the subsystem by 
entering the details of the security specification draft of the respective 
components belonging to the domain or the subsystem in a prescribed form 
of security specification. 

6 . The security specification creation support device according to claim 

5 wherein, in the security specification example database 

previously created composite security specifications of domains and 
subsystems are registered as examples, and 

the security specification selection unit looks up examples of 
composite security specifications of domains or subsystems that can be re- 
used from the security specification example database, based on the 
definition information of the domain or subsystem accepted by the 
definition information acceptance unit, in respect of the respective 
domains or the respective subsystems . 
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7. The security specification creation support device according to claim 
4 further comprising a system configuration example database in which 
typical patterns of component configurations in respect of a plurality of 
respective subsystems are registered as examples, and 

the definition information acceptance unit identifies a typical 
pattern of component configuration of the subsystem from the system 
configuration examples based on the subsystem definition information 
accepted from the user, and accepts definition information from the user 
in respect of respective components indicated by the component 
configuration of identified typical pattern. 

8. The security specification creation support device according to claim 
4 comprising a tree display unit that displays respective domains, 
subsystems and components whose definition information has been accepted 
by the definition information acceptance unit, in a tree structure in 
which layer relationship in the information network system can be 
identified . 

9. The security specification creation support device according to claim 
8 wherein the tree display unit displays respective components 
constituting the same subsystem in a layer structure in which layer 
relationship in the subsystem can be identified. 

10. The security specification creation support device according to claim 
8 wherein the tree display unit displays respective components in such a 
way that whether or not an example has been detected by the security 
specification selection unit can be identified. 

11. The security specification creation support device according to claim 
1 wherein the security specification example database is arranged 
separated from the security specification selection unit, through a 
network . 
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12. A program capable of being read by a computer for supporting creation 
of a security specification in respect of an information network system, 
which makes the computer function as: 

a definition information acceptance unit that accepts the definition 
information of respective components constituting the information network 
system from the user; 

a security specification selection unit that looks up reusable 
examples from a security specification example database in which existing 
security specifications are registered as examples based on definition 
information of the component accepted by the definition information 
acceptance unit in respect of the respective components; and 

a security specification draft creation unit that creates a composite 
security specification draft in respect of an information network system 
by entering the details of respective examples found by the security 
specification selection unit in a prescribed form of security 
specification and accepts revisions of the draft from the user. 

13. A security specification creation support method that supports 
creation of a security specification in respect of an information network 
system using a computer 

in which a security specification example database in which existing 
security specifications are registered as examples is stored in a storage 
device of the computer or another computer connected with the aforesaid 
computer through a network, and 

the computing device of the computer performs: 

a definition information acceptance step of accepting from the user 
definition information of respective components constituting the 
information network system; 

a security specification selection step in which reusable examples 
are looked up from the security specification example database based on 
definition information of the component accepted by the definition 
information acceptance step in respect of the respective components; and 

a security specification draft creation step in which a composite 
security specification draft is created in respect of the information 
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